Category Archives: Configuration

2011 Blog Statistics (review)

Jan 2

Posted by

The WordPress.com stats helper monkeys prepared a 2011 annual report for this blog.

Here’s an excerpt:

A New York City subway train holds 1,200 people. This blog was viewed about 7,900 times in 2011. If it were a NYC subway train, it would take about 7 trips to carry that many people.

Click here to see the complete report.

Posted in Configuration

Leave a Comment

Tags: ,

Networking Changes in ESXi 5.0

Sep 23

Posted by

Networking Changes in ESXi 5.0
Some ESX 4.x and ESXi 4.x network settings stored in /etc/sysconfig/network are migrated in the upgrade or migration to ESXi 5.0. In the migration to ESXi 5.0, ESX Service Console virtual NICs (vswifs) are converted to ESXi virtual NICs (vmks).The distributed port group or dvPort that the virtual NICs connect to is also migrated. The Service Console port group is renamed as the Management Network port group. When vswifs are migrated to vmks, they are numbered to follow any existing vmk in sequence.


For example, if the version 4.x ESX host has virtual NICs vmk0, vmk1, and vswif0, after the migration the new ESXi configuration will be vmk0, vmk1, and vmk2, where vmk2 is the management interface.

When you upgrade from ESXi 4.x to ESXi 5.x, the default maximum number of ports for a virtual switch changes from 64 to 128.
ESX hosts have two IP stacks, one for the vmkernel and one for the Service Console. Because ESXi hosts have only one IP stack, the migration cannot preserve both ESX default routes. After migration, the ESX Service Console default route becomes the single ESXi default route, replacing the vmkernel route. The change to a single ESXi default route might cause loss of connectivity for routed non-management traffic that originates from vmkernel. To restore vmkernel networking, you can configure static routes in addition to the default route.
All vswif interfaces are migrated to vmk interfaces. If a conflict is detected between two interfaces, one is left in disabled state. The upgrade disables any conflicting kernel IP addressing in favor of the management interface.
The migration to ESXi 5.0 disables any existing vmk virtual NIC that meets the following conditions.

  • The vmk virtual NIC has a manually configured (static) IP address.
  • The IP address is in the same subnet as a vswif virtual NIC that is being migrated to a switch containing the vmk virtual NIC.
  • The vmk and vswif NICs are both on the same virtual switch.


For example, if vswif0, with IP address 192.0.2.1/24 on vswitch1, is migrated to a switch containing vmk0, with IP address 192.0.2.2/24, also on vswitch1, after the migration, vmk0 will be disabled.

ESX 4.x Service Console Port Group Removed in Migration to ESXi 5.0

Because ESXi 5.0 has no Service Console, migrating from ESX 4.x to ESXi 5.0 removes the Service Console port group. After the migration to ESXi 5.0, a new port group, the Management Network port group, is created.

Posted in Configuration, Impact, Networking

Leave a Comment

Configuration Changes After Migration or Upgrade to ESXi 5.0

Sep 23

Posted by

Firewall Configuration Changes After Migration or Upgrade to ESXi 5.0

The migration or upgrade from ESX/ESXi 4.x to ESXi 5.0 results in several changes to the host firewall configuration. When you migrate from ESX 4.x to ESXi 5.0, the ESX 4.x rulesets list is replaced by the new rulesets list in ESXi5.0.

The following configuration from the /etc/vmware/esx.conf file is preserved:

  • · The existing enabled/disabled status.
  • · The allowedip added by esxcfg-firewall.

Ruleset files that are added by the user and customized firewall rules created in ESX 4.x. are not preserved after the migration. In the first boot after the migration, for those rulesets that don’t have entries in the ESX 4.x /etc/vmware/esx.conf file, the ESXi 5.0 firewall loads the default enabled status.

After the migration to ESXi 5.0, the default block policy is set to false (PASS all traffic by default) on ESXi 5.0 only when both blockIncoming and blockOutgoing values of the default policy are false in the ESX4.x /etc/vmware/esx.conf file. Otherwise the default policy is to deny all traffic. Custom ports that were opened by using the ESX/ESXi 4.1 esxcfg-firewall command do not remain open after the upgrade to ESXi 5.0. The configuration entries are ported to the esx.conf file by the upgrade, but the corresponding ports are not opened.

IMPORTANT The ESXi firewall in ESXi 5.0 does not allow per-network filtering of vMotion traffic. Therefore, you must install rules on your external firewall to ensure that no incoming connections can be made to the vMotion socket.

Resource Pool Settings Affected by the Upgrade from ESX 4.x to ESXi 5.0

After the upgrade to ESXi 5.0, ESX 4.x resource pool settings might be insufficient to start all virtual machines in the pool. The upgrade to ESXi 5.0 affects the amount of memory available to the host system. You can find this alert by pressing Alt + F11 in the ESXi direct console.

SSH Configuration Affected by Upgrading or Migrating to ESXi 5.0

The host SSH configuration is migrated only for upgrades from ESXi 4.1 to ESXi 5.0. SSH configuration is not migrated for ESX 4.x hosts or ESXi 4.0 hosts. For these hosts, SSH access is disabled during the upgrade or migration process. You can re-enable SSH access in the direct console.

Posted in Configuration, Impact, Upgrade

Leave a Comment